Hi, I’m running into a strange issue with an IPsec tunnel to a Cisco
firewall and I’m hoping someone can help.The tunnel comes up fine and
traffic does pass through, but the connection slows down significantly.
For example:If I ping 8.8.8.8 directly ...
I have some performance SLAs configured with 2 members : external port1
and 2 . I've got some logs that port1 changes state from alive to die.
How do I know if my link is down (ISP issues) or simply just my SLA
health-check failed so firewall removed...
# diagnose fdsm central-mgmt-status Connection status: Down Registration
status: Unknown I can ping FMG and I have already enabled FMG-access on
the interface. is there a diagnose command that I could use to find out
what the issue could be? Thanks
Hi,we have a high packet loss over one of ipsec tunnels and I want to
see if there is a way to see the packet loss ratio( or number of lost
packets) on firewall over a tunnel.Thanks
When I check Fortianalyzer router events, I can see lots of "BGP
neighbor status changed" events that my neighbors are down in for
example last 4 hours. But when I do "get router info bgp neighbours" on
Fortigate, I can see that my neighbours where u...
Thank you for your response. I have disabled NPU offload, but this did
not improve the latency. I considered packet fragmentation as a possible
cause and tested using ICMP with the DF bit set and a reduced MTU;
however, the delay remained consistentl...
I did the sniffer from the fortimanager but I cant see any traffic
hitting fortimanager. from my firewall, firewall is sending out the TCP
sync traffic to the FMG.
I added the system central-management config again and now it's
connected to FMG, however it is on port dmz. How can I force this to
connect to FMG via wan port? I set 'set fmg-source-ip' to my wan ip
address, but still all the communication are from...
thanks for this. When I do 'execute log display' it only displays log
for the last 30 minutes or so but on Fortianalyzer I do logs for the
last 4 hours and I see bgp status changes, I cant see them on firewall.
